-
-
Notifications
You must be signed in to change notification settings - Fork 514
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Choose autogenerated passphrase wordlist based on $LANG #278
Comments
Fortunately, unlike the canonical use-case for BIP 39, it doesn't matter if we switch the word lists later for improved ones! So I'm +1 on this, and will follow in |
The BIP 39 wordlist has a lot of prefix words, leading to confusion when passwords are created without separators, e.g. https://github.com/covert-encryption/covert/blob/main/covert/wordlist.py In this list all words are 3-6 letter long to avoid large variation in password lengths, and to keep them simple. Every 3-letter prefix is unique, allowing autocompletion of words after only 2 or 3 letters have been typed, and at the same time avoiding the aforementioned problem. We try to include words that are not easily misread when no separators are used (e.g. Similar lists can be generated for other languages with the simple script that we used for this one, if large lists to be used as a starting point are available. It will require some manual exchange of words for maximal quality though. Our list is under development and we expect a few more words being replaced in the coming weeks until it is finalised. |
Generated passphrases in both age and rage use hyphen-separated words, so prefix confusion is not a concern here. |
@str4d I am well aware of that, but tab completion is also a nice thing to have especially with 10-word passphrases. Four easily memorable words, autocomplete, no wordbreaks and strong hashing might still be better for file encryption, leaving 10 word (110 bit) phrases for seeding cryptocurrency wallets and other functions where the output must be globally unique. |
BIP-39 already has wordlists for a number of languages, so we can probably stick to those, even if they are not particularly great.
https://github.com/bitcoin/bips/tree/master/bip-0039
The text was updated successfully, but these errors were encountered: